We’ve both been on the program committee for several conferences, and were thrilled to have such a strong set of proposals to work with this year. If you didn’t make it in for O’Reilly Security NY or O’Reilly Security Amsterdam, here are some common themes we saw differentiating the top-tier talks:

1. Propose a practical, defense-focused talk

We’ve built our new O’Reilly Security Conferences to unite in-the-trenches defensive security practitioners, to open discourse on defending organizations, and to provide a forum for sharing concrete solutions. Want to talk about breaking? Great! Then, flip the topic around and tell us how to fix it. We all know that there are problems. Let’s talk about solutions.

2. Offer a novel or creative idea, approach, or opinion

With so many talks to choose from, the ones that really stood out included novel (if practical) approaches. There were many topics (hello, machine learning) that were popular in the CFP. If we received multiple talks on the exact same subject, we had to make some difficult choices about which presentations should be chosen. Consistently, the program committee prioritized presentations with a fresh approach. Take heed.

3. Focus on what the audience will gain

There are a lot of security conferences out there that deliver amazing research. We’re trying something a little different—a focus on pragmatic approaches for practitioners. So we tried to focus on building an agenda that delivers on the promise to provide attendees with practical, useful tips they can apply immediately. That means that talks that highlighted what the attendees would learn grabbed our attention, over talks that simply described a point of view, concept, or research finding. Also, proposals that made it easy for us to understand what the speaker was going to share with the audience picked up bonus points over proposals that only dropped hints. (Save the surprises for Ally’s birthday extravaganza.)

4. Don’t pitch

While the conference marketing team works closely with a number of conference sponsors, the program committee sticks to a purely editorial process. The O'Reilly-ans describe this as "separation of church and state" and we think strict adherence to this principle yields the best results for everyone involved. On the program committee side, we err very much on the side of technical talks with lessons learned and practical takeaways. If you are proposing a talk about a product (notably your own), teach attendees useful things and demonstrate their credibility.

Attendees are then likely to look at your product. Pitch them and they'll instead be reluctant to look at the product, and learn less in the process.

5. Write well

We’re not copyediting your proposal. Ain’t nobody got time for that. But we do care whether you’ve thought carefully about what you’d like to present, and whether you’ve clearly articulated that focus. Also, you will ultimately be presenting this talk in front of a crowd, with slides, which we do suggest you also carefully edit. When you’re tasked with reviewing 400+ proposals, the sloppy ones are usually the first to go.

6. Be brief and avoid jargon

While common jargon within proposals did spur some colorful outbursts (and at least one drinking game among program committee members), we’re less interested in jargon and much more interested in solving long-standing problems. And we can all agree, there are plenty of those to keep us busy. It was the focused, buzzword-free proposals that consistently received strong ratings.

Courtney Nash chairs multiple conferences for O'Reilly Media and is the strategic content director focused on areas of modern web operations, high performance applications, and security. An erstwhile academic neuroscientist, she is still fascinated by the brain and how it informs our interactions with and expectations of technology. She's spent 17 years working in the technology industry in a wide variety of roles, ever since moving to Seattle to work at a burgeoning online bookstore. Outside work, Courtney can be found biking, hiking, skiing, ...

Allison Miller works in product management at Google, mitigating risks to Google and end-users. Prior to her current role, Allison held technical and leadership roles in security, risk analytics, and payments/commerce at Electronic Arts, Tagged.com, PayPal/eBay, and Visa International. Miller is a proven innovator in the security industry, and regularly presents research on risk analytics, cybersecurity, and economics. She is known for her expertise in designing and implementing real-time risk prevention and detection systems running at interne...